CYBER SAFE

TBY talks to Datuk Ir. Khalilur Rahman Ebrahim, Executive Chairman of System Consultancy Services (SCS), on projects with the government and military, cyber threats, and the extent of the company's presence in Malaysia.

BIOGRAPHY

Datuk Ir. Khalilur Rahman Ebrahim graduated with bachelor’s of science in electrical and electronic engineering from Brighton Polytechnic, UK, in 1973. He obtained his master’s in electronics from the University of Technology Malaysia in 1993. He started his career in 1973 as a maintenance engineer in the communication department of the Malaysian National Electricity Board. He joined Sapura Holdings in 1984 as Head of R&D, where he was responsible for the development of many innovative products like the PABX, mobile phones, pagers, and feature phones. He started System Consultancy Services (SCS) in 1994, and now runs a group of five companies, dealing with defense technologies, industrial automation, SCADA systems, building security systems, and composites.

How did SCS evolve to become the key service provider on cyber security to the Malaysian defense industry?

While I was working in the RND division of Sapura, we often received requests from the Ministry of Defense on matters of Command and Control (C2) and Electronic Warfare. The Malaysian Authorities at that time had purchased a military Command, Control and Intelligence system (C3I) from the British and there was little expertise within the military to oversee the implementation of the system. To deliver the proper support on this project, we decided to form a dedicated company and in 1993 we established as Sapura Consultancy Services, which we later rebranded as SCS. We started our operations with six consultants and developed rapidly from there. The government was keen on purchasing new technology, but needed technical advice and experts to maintain these complicated systems—the military alone did not have the capabilities to do so. The British could do it; however, the idea was to localize these services as having foreigners around our strategic defense infrastructure would present an unnecessary security risk. That is how we became the maintenance provider of these systems. Prior to 2000, we did a major software upgrade and in conjunction with the Y2K compliance upgrade, we revamped the systems at the Ministry of Defense across the board and have been maintaining them ever since. Software and hardware are not static systems and continued maintenance is of pivotal importance to ensure the continued reliable service.

Would you also say that the security threats have changed?

Security threats change all the time. You can be an expert on one system and educate yourself on all the available hacking tools; however, once a new system arrives or gets upgraded overnight, you are back where you started—imagine the consequences for the military. We need to maintain continued awareness of global developments in cyber security and electronic warfare. We train and provide technology updates and awareness to around 2,000 military staff each year to monitor the situation. In addition, we now offer our services to the national police and several town councils to enhance their public services and cyber security measures.

Do you see an increase in demand for these services by private clients?

Awareness is increasing though, unfortunately, not fast enough, as cyber security is a big threat to the whole wellbeing of businesses. There is no such thing as a free lunch—be careful when you get one. In the present day and age, technology like Facebook and WhatsApp are available for free, although it costs billions to set up the infrastructure and keep all the servers running. Without having vast assets, Facebook sold for USD 25 billion, which demonstrates how much data is worth these days. Commercial organizations that have valuable information should be aware of the power and the privacy risks, as the tools to break into this data have become much more advanced.

What are your activities in the non-defense domain?

Our mainstay, about 90% of our business, is in defense and in Malaysia. We plan to expand in non-defense industries like Light Rail Transit (LRT), because these systems have technical support systems where we can bring in our expertise in software management. We have vast experience in supplying the control system for the country's electricity grid company Tenaga Nasional and KTM, which is a key player in keeping the trains rolling. We are a service provider to KTM, LRT, and MRT, and in this regard we have a track record in providing technology and servicing these systems. Infrastructure in rail transport has to last at least 30 years, and during such a lifecycle, software needs to be upgraded multiple times. It is always better to have a local company involved in computer system servicing, i.e. a firm that can deal with problems within a two-hour timeframe.